AIDE, mod_http2, Thunderbird, and more updates for Oracle Linux

Oracle Linux 6415 Published by

Oracle has released several security updates and bug fixes for its Linux distributions, including Oracle Linux 10, 9, and 8. The updates address various vulnerabilities, such as improper output neutralization in the aide package and untrusted input from clients in the mod_http2 module. Additionally, bug fixes have been applied to packages like bash, NetworkManager, libxslt, and pacemaker to resolve issues and enhance functionality.

ELSA-2025-14592 Important: Oracle Linux 10 aide security update
ELSA-2025-14625 Moderate: Oracle Linux 10 mod_http2 security update
ELSA-2025-14640 Important: Oracle Linux 9 thunderbird security update
ELBA-2025-14438-1 Oracle Linux 8 kernel bug fix update
ELBA-2025-14549 Oracle Linux 8 gcc bug fix and enhancement update
ELSA-2025-14510 Important: Oracle Linux 10 kernel security update
ELBA-2025-20539 Oracle Linux 9 leapp-repository bug fix update
ELSA-2025-14750 Moderate: Oracle Linux 8 fence-agents security update
ELBA-2025-14552 Oracle Linux 8 bash bug fix and enhancement update
ELSA-2025-14438 Moderate: Oracle Linux 8 kernel security update
ELBA-2025-14561 Oracle Linux 8 NetworkManager bug fix and enhancement update
ELBA-2025-14558 Oracle Linux 8 libxslt bug fix and enhancement update
ELBA-2025-14543 Oracle Linux 8 pacemaker bug fix and enhancement update




ELSA-2025-14592 Important: Oracle Linux 10 aide security update


Oracle Linux Security Advisory ELSA-2025-14592

http://linux.oracle.com/errata/ELSA-2025-14592.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
aide-0.18.6-8.el10_0.2.x86_64.rpm

aarch64:
aide-0.18.6-8.el10_0.2.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/aide-0.18.6-8.el10_0.2.src.rpm

Related CVEs:

CVE-2025-54389

Description of changes:

[0.18.6-8.2]
- aide: improper output neutralization enables bypassing (CVE-2025-54389)
Resolves: rhbz#2388019



ELSA-2025-14625 Moderate: Oracle Linux 10 mod_http2 security update


Oracle Linux Security Advisory ELSA-2025-14625

http://linux.oracle.com/errata/ELSA-2025-14625.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
mod_http2-2.0.29-2.el10_0.1.x86_64.rpm

aarch64:
mod_http2-2.0.29-2.el10_0.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/mod_http2-2.0.29-2.el10_0.1.src.rpm

Related CVEs:

CVE-2025-49630

Description of changes:

[2.0.29-2.1]
- Resolves: RHEL-106263 - CVE-2025-49630 httpd: untrusted input from a client
causes an assertion to fail in the Apache mod_proxy_http2 module



ELSA-2025-14640 Important: Oracle Linux 9 thunderbird security update


Oracle Linux Security Advisory ELSA-2025-14640

http://linux.oracle.com/errata/ELSA-2025-14640.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-128.14.0-3.0.1.el9_6.x86_64.rpm

aarch64:
thunderbird-128.14.0-3.0.1.el9_6.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/thunderbird-128.14.0-3.0.1.el9_6.src.rpm

Related CVEs:

CVE-2025-9179
CVE-2025-9180
CVE-2025-9181
CVE-2025-9182
CVE-2025-9185

Description of changes:

[128.14.0-3.0.1]
- Fix prefs for new nss [Orabug: 37079813]
- Add Oracle prefs

[128.14.0]
- Add OpenELA debranding

[128.14.0-3]
- Update to 128.14.0 build2

[128.14.0-2]
- Add missing translations

[128.14.0-1]
- Update to 128.14.0 build1



ELBA-2025-14438-1 Oracle Linux 8 kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2025-14438-1

http://linux.oracle.com/errata/ELBA-2025-14438-1.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.71.1.0.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.71.1.0.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
perf-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-553.71.1.0.1.el8_10.src.rpm

Description of changes:

[4.18.0-553.71.1.0.1.el8_10.OL8]
- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]

[4.18.0-553.71.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 s_fs_info in gfs2_sys_fs_add (Andrew Price) [RHEL-88072]
- gfs2: Remove unnecessary NULL check before free_percpu() (Andreas Gruenbacher) [RHEL-88072]
- gfs2: replace sd_aspace with sd_inode (Andreas Gruenbacher) [RHEL-88072]
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher) [RHEL-88072]
- gfs2: No more self recovery (Andreas Gruenbacher) [RHEL-104232]
- gfs2: Get rid of gfs2_glock_queue_put in signal_our_withdraw (Andreas Gruenbacher) [RHEL-104232]
- gfs2: Fix withdraw race (Andreas Gruenbacher) [RHEL-104232]



ELBA-2025-14561 Oracle Linux 8 NetworkManager bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-14561

http://linux.oracle.com/errata/ELBA-2025-14561.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
NetworkManager-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-adsl-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-bluetooth-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-cloud-setup-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-config-connectivity-oracle-1.40.16-20.0.1.el8_10.noarch.rpm
NetworkManager-config-server-1.40.16-20.0.1.el8_10.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.40.16-20.0.1.el8_10.noarch.rpm
NetworkManager-initscripts-updown-1.40.16-20.0.1.el8_10.noarch.rpm
NetworkManager-libnm-1.40.16-20.0.1.el8_10.i686.rpm
NetworkManager-libnm-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-libnm-devel-1.40.16-20.0.1.el8_10.i686.rpm
NetworkManager-libnm-devel-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-ovs-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-ppp-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-team-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-tui-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-wifi-1.40.16-20.0.1.el8_10.x86_64.rpm
NetworkManager-wwan-1.40.16-20.0.1.el8_10.x86_64.rpm

aarch64:
NetworkManager-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-adsl-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-bluetooth-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-cloud-setup-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-config-connectivity-oracle-1.40.16-20.0.1.el8_10.noarch.rpm
NetworkManager-config-server-1.40.16-20.0.1.el8_10.noarch.rpm
NetworkManager-dispatcher-routing-rules-1.40.16-20.0.1.el8_10.noarch.rpm
NetworkManager-initscripts-updown-1.40.16-20.0.1.el8_10.noarch.rpm
NetworkManager-libnm-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-libnm-devel-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-ovs-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-ppp-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-team-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-tui-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-wifi-1.40.16-20.0.1.el8_10.aarch64.rpm
NetworkManager-wwan-1.40.16-20.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/NetworkManager-1.40.16-20.0.1.el8_10.src.rpm

Description of changes:

[1.40.16-20.0.1]
- Add support for DAD_CONFLICT to nm-dispatcher
- Drop 777 permissions from Networkmanager-dispatcher drop-in directory [Orabug: 37581862]
- Add a dropin file to make Networkmanager-dispatcher persistent [Orabug: 36989910]
- disable MPTCP handling by default [Orabug: 35081472]
- Fix ignore-carrier logic [Orabug: 34956744]
- Disable regeneration of the documentation [Orabug: 34712048]
- add connectivity check via Oracle servers [Orabug: 32051972]
- Disable the build of NetworkManager-config-connectivity-* subpackage for 8.3
- Revert "infiniband: avoid normalizing the p-key when reading from ifcfg"

[1:1.40.16-20]
- device: don't disable IPv6 in stage3 on reapply (RHEL-91479)



ELBA-2025-14558 Oracle Linux 8 libxslt bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-14558

http://linux.oracle.com/errata/ELBA-2025-14558.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
libxslt-1.1.32-6.3.0.1.el8_10.i686.rpm
libxslt-1.1.32-6.3.0.1.el8_10.x86_64.rpm
libxslt-devel-1.1.32-6.3.0.1.el8_10.i686.rpm
libxslt-devel-1.1.32-6.3.0.1.el8_10.x86_64.rpm

aarch64:
libxslt-1.1.32-6.3.0.1.el8_10.aarch64.rpm
libxslt-devel-1.1.32-6.3.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/libxslt-1.1.32-6.3.0.1.el8_10.src.rpm

Description of changes:

[1.1.32-6.3.0.1]
- Added libxslt-oracle-enterprise.patch and replaced doc/redhat.gif in tarball

[1.1.32-6.3]
- Fix misplaced endif (RHEL-107912)



ELBA-2025-14543 Oracle Linux 8 pacemaker bug fix and enhancement update


Oracle Linux Bug Fix Advisory ELBA-2025-14543

http://linux.oracle.com/errata/ELBA-2025-14543.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
pacemaker-cluster-libs-2.1.7-5.3.0.1.el8_10.i686.rpm
pacemaker-cluster-libs-2.1.7-5.3.0.1.el8_10.x86_64.rpm
pacemaker-libs-2.1.7-5.3.0.1.el8_10.i686.rpm
pacemaker-libs-2.1.7-5.3.0.1.el8_10.x86_64.rpm
pacemaker-schemas-2.1.7-5.3.0.1.el8_10.noarch.rpm

aarch64:
pacemaker-cluster-libs-2.1.7-5.3.0.1.el8_10.aarch64.rpm
pacemaker-libs-2.1.7-5.3.0.1.el8_10.aarch64.rpm
pacemaker-schemas-2.1.7-5.3.0.1.el8_10.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/pacemaker-2.1.7-5.3.0.1.el8_10.src.rpm

Description of changes:

[2.1.7-5.3.0.1]
- Upstream reference in pacemaker crm_report binary [Orabug: 32825154]
- Replace bug url [Orabug: 34202300]

[2.1.7-5.3]
- Add option for controlling remote node fencing behavior
- Resolves: RHEL-93220


Kernel, Fence-Agents, Thunderbird, OpenShift updates for RHEL

Firefox, AIDE, mod_http2, Kernel updates for AlmaLinux

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...